Buzz about a Windows Vista zero-day vulnerability is troubling enough (although probably overblown). Now, there appears to be a second product activation hack, this one designed to fool the activation timer into not counting down. The activation hack is quite different from the first one, which involved setting up a Key Management Service server. Microsoft also released an update blocking hybrid testing/final Vista "Monster" code that could bypass product activation.

"Recently it has been reported that activation of Microsoft's Windows Vista operating system has been compromised," a Microsoft spokesperson said in a statement in response to a Microsoft Watch inquiry. "Microsoft is investigating this reported activation breach; however, there is no concrete evidence that this breach has been automated to the point that it is widely deployable." The not "widely deployable" statement, while likely true, isn't denial of an actual activation breach.

I've read instructions, which I won't link to, and comments from people successfully trying the so-called Time Stopper hack; I haven't tested it and wouldn't because of possible security breach when applying a downloaded crack as part of the process. As the Microsoft spokesperson acknowledged, there are reports about the crack, which requires setting a computer's BIOS clock to 2099. The hack does work on 32-bit Windows Vista installations but not necessarily 64-bit versions. The process requires some other Windows changes and eventual clock reset from within Vista leading to a perpetual state of 30 days to activation.